<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=360724884392591&amp;ev=PageView&amp;noscript=1">


Smart Contracts Audit by Hacken


Who needs the Smart Contracts Audit?

Smart Contracts Developers
Owners & Managers of ICO Startups
Product Owners of Decentralized Apps
Anybody Who Needs Trust of Stakeholders & Investors

Why Smart Contracts Audit by Hacken? 

  • Detailed Report
  • Meeting Tight Deadlines
  • Fixed and Transparent Pricing
  • Clear Audit Metrics
  • Experienced Researchers
smart contract auditing firm
Since the day we had started development of the PumaPay PullPayment Protocol, we knew that security would always be our top priority. We chose Hacken as one of our security partners for the audit and were impressed by their professionalism and expertise in the field. Their team goes into every detail, and we appreciated the scope and detail of their reports,’ — said PumaPay Chief Blockchain Architect Giorgos Kourtellos.

Learn More

Legolas believes that their security and auditing needs should be met in the most efficient way possible. In keeping with this, the company chose Hacken’s white hat hacking service to secure their crowdsale. Both Legolas and Hacken believe there is an urgent need to focus on cybersecurity as part of their social responsibility”.

Learn More

- More than 30 satisfied clients

- Hundreds of discovered bugs and vulnerabilities

- Almost $1,000,000 saved

Smart Contracts Audit by Hacken

The professional team of consultants performs smart contract audit in accordance with the internal methodology. Hacken team analyses the smart contract’s functionality and performs all necessary checks against known vulnerabilities. Basic security audit includes manual codebase audit by Hacken consultants; automated tools security audit; a brief description of smart contract functionality, however, we offer to client three security audit options which are distinguished by the composition and duration:

Security Audit

(3-5 days)

Expert Audit

(1-2 weeks)

Comprehensive Audit

(2-4 weeks)

Request Your Consultation


Auditors need to receive smart contract code and provide auditors with a detailed description of smart contract functionality to start the audit.

Hacken provides a wide range of the audit options. We perform high-quality audits with reasonable and transparent pricing. Besides, as a smart contract auditing firm, we are able to meet tight deadlines.

Hacken has cybersecurity insurance partners (for instance, AIN) that can insure customers against hackers. Hacken (just like all other audit companies) doesn't guarantee total security after all audit issues are resolved.

The goal of the audit is to find and fix security issues to protect the application from hacker attacks. Our audit aims to check whether a smart contract is vulnerable to known attacks. We verify whether it doesn’t have any logical or access control issues, and make sure that it is compliant with the Solidity Code Style guide.

Most of the audit contracts are Ethereum Solidity contracts both ICO/Crowdsales and large applications. Hacken’s auditors also have experience in auditing smart contracts on other platforms (EOS, NEO, etc).

Automated analysis checks the code for known vulnerabilities in the contract code. It can't find logical vulnerabilities or issues related to interaction with other contracts. The automated analysis produces a large number of false positives. Therefore, vulnerabilities discovered by automated code analysis should be manually reviewed. The manual audit allows fixing more complex issues: a lot of vulnerabilities can only be discovered manually.

Smart contract audit uncovers existing vulnerabilities. After this analysis is completed, a customer should fix detected issues and perform a secondary audit. If this latter audit doesn't find any vulnerabilities, the risk of a successful attack is minimal.

Most common attacks are reentrancy, overflows and underflows, zero address attacks and logical attacks. However, there are many other attack types - Hacken takes care of them all.

Hacken team deploys smart contract locally and manually analyzes its business model, logical flows, and expected behavior. Auditors clarify and obtain the missing reference specifications of contracts. Auditors scan smart contracts with automated tools (Solidity Complier, Mythril, and Remix IDE) and review discovered issues manually. Hacken team manually checks smart contracts for known attacks: reentrancy, reordering, overflows, and other according to our internal methodology.

Hacken does not develop smart contracts.

We audited smart contracts of Amchart, Legolas Exchange, NapoleonX, and Indorse.

Hacken provides clients with a detailed report that contains general project info, executive summary, as-is overview, audit overview (highlights all issues and suggests solutions to them), conclusion, disclaimers, and appendixes with evidence. Auditors also provide clients with an optional one-page public report for an additional fee.

A private report is a detailed report that includes all audit findings and recommendations. It may also contain some sensitive information about the client that should be kept confidential. A public report is a one-page audit summary that includes relevant information for third-parties.

The secondary audit is a must if medium, high, or critical vulnerabilities were discovered. Fixes to these issues must be tested -  they may cause new security vulnerabilities or insufficiently resolve current issues.